00001 00032 #ifndef LL_LLPERMISSIONS_H 00033 #define LL_LLPERMISSIONS_H 00034 00035 #include "llpermissionsflags.h" 00036 #include "llsd.h" 00037 #include "lluuid.h" 00038 #include "llxmlnode.h" 00039 #include "reflective.h" 00040 00041 // prototypes 00042 class LLMessageSystem; 00043 extern void mask_to_string(U32 mask, char* str); 00044 extern std::string mask_to_string(U32 mask); 00045 template<class T> class LLMetaClassT; 00046 00047 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 00048 // Class LLPermissions 00049 // 00050 // Class which encapsulates object and inventory permissions/ownership/etc. 00051 // 00052 // Permissions where originally a static state creator/owner and set 00053 // of cap bits. Since then, it has grown to include group information, 00054 // last owner, masks for different people. The implementation has been 00055 // chosen such that a uuid is stored for each current/past owner, and 00056 // a bitmask is stored for the base permissions, owner permissions, 00057 // group permissions, and everyone else permissions. 00058 // 00059 // The base permissions represent the most permissive state that the 00060 // permissions can possibly be in. Thus, if the base permissions do 00061 // not allow copying, no one can ever copy the object. The permissions 00062 // also maintain a tree-like hierarchy of permissions, thus, if we 00063 // (for sake of discussions) denote more permissive as '>', then this 00064 // is invariant: 00065 // 00066 // base mask >= owner mask >= group mask 00067 // >= everyone mask 00068 // >= next owner mask 00069 // NOTE: the group mask does not effect everyone or next, everyone 00070 // does not effect group or next, etc. 00071 // 00072 // It is considered a fair use right to move or delete any object you 00073 // own. Another fair use right is the ability to give away anything 00074 // which you cannot copy. One way to look at that is that if you have 00075 // a unique item, you can always give that one copy you have to 00076 // someone else. 00077 // 00078 // Most of the bitmask is easy to understand, PERM_COPY means you can 00079 // copy !PERM_TRANSFER means you cannot transfer, etc. Given that we 00080 // now track the concept of 'next owner' inside of the permissions 00081 // object, we can describe some new meta-meaning to the PERM_MODIFY 00082 // flag. PERM_MODIFY is usually meant to note if you can change an 00083 // item, but since we record next owner permissions, we can interpret 00084 // a no-modify object as 'you cannot modify this object and you cannot 00085 // make derivative works.' When evaluating functionality, and 00086 // comparisons against permissions, keep this concept in mind for 00087 // logical consistency. 00088 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 00089 00090 class LLPermissions : public LLReflective 00091 { 00092 private: 00093 LLUUID mCreator; // null if object created by system 00094 LLUUID mOwner; // null if object "unowned" (owned by system) 00095 LLUUID mLastOwner; // object's last owner 00096 LLUUID mGroup; // The group association 00097 00098 PermissionMask mMaskBase; // initially permissive, progressively AND restricted by each owner 00099 00100 PermissionMask mMaskOwner; // set by owner, applies to owner only, restricts lower permissions 00101 PermissionMask mMaskEveryone; // set by owner, applies to everyone else 00102 00103 PermissionMask mMaskGroup; // set by owner, applies to group that is associated with permissions 00104 00105 PermissionMask mMaskNextOwner; // set by owner, applied to base on transfer. 00106 00107 // Usually set in the fixOwnership() method based on current uuid 00108 // values. 00109 bool mIsGroupOwned; 00110 00111 // Correct for fair use - you can never take away the right to 00112 // move stuff you own, and you can never take away the right to 00113 // transfer something you cannot otherwise copy. 00114 void fixFairUse(); 00115 00116 // Fix internal consistency for group/agent ownership 00117 void fixOwnership(); 00118 00119 public: 00120 static const LLPermissions DEFAULT; 00121 00122 LLPermissions(); // defaults to created by system 00123 //~LLPermissions(); 00124 00125 // base initialization code 00126 void init(const LLUUID& creator, const LLUUID& owner, 00127 const LLUUID& last_owner, const LLUUID& group); 00128 void initMasks(PermissionMask base, PermissionMask owner, 00129 PermissionMask everyone, PermissionMask group, 00130 PermissionMask next); 00131 00132 // 00133 // ACCESSORS 00134 // 00135 00136 // return the agent_id of the agent that created the item 00137 const LLUUID& getCreator() const { return mCreator; } 00138 00139 // return the agent_id of the owner. returns LLUUID::null if group 00140 // owned or public (a really big group). 00141 const LLUUID& getOwner() const { return mOwner; } 00142 00143 // return the group_id of the group associated with the 00144 // object. 00145 const LLUUID& getGroup() const { return mGroup; } 00146 00147 // return the agent_id of the last agent owner. Only returns 00148 // LLUUID::null if there has never been a previous owner. 00149 const LLUUID& getLastOwner() const { return mLastOwner; } 00150 00151 U32 getMaskBase() const { return mMaskBase; } 00152 U32 getMaskOwner() const { return mMaskOwner; } 00153 U32 getMaskGroup() const { return mMaskGroup; } 00154 U32 getMaskEveryone() const { return mMaskEveryone; } 00155 U32 getMaskNextOwner() const { return mMaskNextOwner; } 00156 00157 // return TRUE if the object has any owner 00158 bool isOwned() const { return (mOwner.notNull() || mIsGroupOwned); } 00159 00160 // return TRUE if group_id is owner. 00161 bool isGroupOwned() const { return mIsGroupOwned; } 00162 00163 // This API returns TRUE if the object is owned at all, and FALSE 00164 // otherwise. If it is owned at all, owner id is filled with 00165 // either the owner id or the group id, and the is_group_owned 00166 // parameter is appropriately filled. The values of owner_id and 00167 // is_group_owned are not changed if the object is not owned. 00168 BOOL getOwnership(LLUUID& owner_id, BOOL& is_group_owned) const; 00169 00170 // Gets the 'safe' owner. This should never return LLUUID::null. 00171 // If no group owned, return the agent owner id normally. 00172 // If group owned, return the group id. 00173 // If not owned, return a random uuid which should have no power. 00174 LLUUID getSafeOwner() const; 00175 00176 // return a cheap crc 00177 U32 getCRC32() const; 00178 00179 00180 // 00181 // MANIPULATORS 00182 // 00183 00184 // Fix hierarchy of permissions, applies appropriate permissions 00185 // at each level to ensure that base permissions are respected, 00186 // and also ensures that if base cannot transfer, then group and 00187 // other cannot copy. 00188 void fix(); 00189 00190 // All of these methods just do exactly what they say. There is no 00191 // permissions checking to see if the operation is allowed, and do 00192 // not fix the permissions hierarchy. So please only use these 00193 // methods when you are know what you're doing and coding on 00194 // behalf of the system - ie, acting as god. 00195 void set(const LLPermissions& permissions); 00196 void setMaskBase(U32 mask) { mMaskBase = mask; } 00197 void setMaskOwner(U32 mask) { mMaskOwner = mask; } 00198 void setMaskEveryone(U32 mask) { mMaskEveryone = mask;} 00199 void setMaskGroup(U32 mask) { mMaskGroup = mask;} 00200 void setMaskNext(U32 mask) { mMaskNextOwner = mask; } 00201 00202 // Allow accumulation of permissions. Results in the tightest 00203 // permissions possible. In the case of clashing UUIDs, it sets 00204 // the ID to LLUUID::null. 00205 void accumulate(const LLPermissions& perm); 00206 00207 // 00208 // CHECKED MANIPULATORS 00209 // 00210 00211 // These functions return true on success. They return false if 00212 // the given agent isn't allowed to make the change. You can pass 00213 // LLUUID::null as the agent id if the change is being made by the 00214 // simulator itself, not on behalf of any agent - this will always 00215 // succeed. Passing in group id of LLUUID:null means no group, and 00216 // does not offer special permission to do anything. 00217 00218 // saves last owner, sets current owner, and sets the group. 00219 // set is_atomic = true means that this permission represents 00220 // an atomic permission and not a collection of permissions. 00221 // Currently, the only way to have a collection is when an object 00222 // has inventory and is then itself rolled up into an inventory 00223 // item. 00224 BOOL setOwnerAndGroup(const LLUUID& agent, const LLUUID& owner, const LLUUID& group, bool is_atomic); 00225 00226 // saves last owner, sets owner to uuid null, sets group 00227 // owned. group_id must be the group of the object (that's who it 00228 // is being deeded to) and the object must be group 00229 // modify. Technically, the agent id and group id are not 00230 // necessary, but I wanted this function to look like the other 00231 // checked manipulators (since that is how it is used.) If the 00232 // agent is the system or (group == mGroup and group modify and 00233 // owner transfer) then this function will deed the permissions, 00234 // set the next owner mask, and return TRUE. Otherwise, no change 00235 // is effected, and the function returns FALSE. 00236 BOOL deedToGroup(const LLUUID& agent, const LLUUID& group); 00237 // Attempt to set or clear the given bitmask. Returns TRUE if you 00238 // are allowed to modify the permissions. If you attempt to turn 00239 // on bits not allowed by the base bits, the function will return 00240 // TRUE, but those bits will not be set. 00241 BOOL setBaseBits( const LLUUID& agent, BOOL set, PermissionMask bits); 00242 BOOL setOwnerBits( const LLUUID& agent, BOOL set, PermissionMask bits); 00243 BOOL setGroupBits( const LLUUID& agent, const LLUUID& group, BOOL set, PermissionMask bits); 00244 BOOL setEveryoneBits(const LLUUID& agent, const LLUUID& group, BOOL set, PermissionMask bits); 00245 BOOL setNextOwnerBits(const LLUUID& agent, const LLUUID& group, BOOL set, PermissionMask bits); 00246 00247 // 00248 // METHODS 00249 // 00250 00251 // All the allow* functions return true if the given agent or 00252 // group can perform the function. Prefer using this set of 00253 // operations to check permissions on an object. These return 00254 // true if the given agent or group can perform the function. 00255 // They also return true if the object isn't owned, or the 00256 // requesting agent is a system agent. See llpermissionsflags.h 00257 // for bits. 00258 BOOL allowOperationBy(PermissionBit op, const LLUUID& agent, const LLUUID& group = LLUUID::null) const; 00259 00260 inline BOOL allowModifyBy(const LLUUID &agent_id) const; 00261 inline BOOL allowCopyBy(const LLUUID& agent_id) const; 00262 inline BOOL allowMoveBy(const LLUUID& agent_id) const; 00263 inline BOOL allowModifyBy(const LLUUID &agent_id, const LLUUID& group) const; 00264 inline BOOL allowCopyBy(const LLUUID& agent_id, const LLUUID& group) const; 00265 inline BOOL allowMoveBy(const LLUUID &agent_id, const LLUUID &group) const; 00266 00267 // This somewhat specialized function is meant for testing if the 00268 // current owner is allowed to transfer to the specified agent id. 00269 inline BOOL allowTransferTo(const LLUUID &agent_id) const; 00270 00271 // 00272 // DEPRECATED. 00273 // 00274 // These return true if the given agent can perform the function. 00275 // They also return true if the object isn't owned, or the 00276 // requesting agent is a system agent. See llpermissionsflags.h 00277 // for bits. 00278 //BOOL allowDeleteBy(const LLUUID& agent_id) const { return allowModifyBy(agent_id); } 00279 //BOOL allowEditBy(const LLUUID& agent_id) const { return allowModifyBy(agent_id); } 00280 // saves last owner and sets current owner 00281 //BOOL setOwner(const LLUUID& agent, const LLUUID& owner); 00282 // This method saves the last owner, sets the current owner to the 00283 // one provided, and sets the base mask as indicated. 00284 //BOOL setOwner(const LLUUID& agent, const LLUUID& owner, U32 new_base_mask); 00285 00286 // Attempt to set or clear the given bitmask. Returns TRUE if you 00287 // are allowed to modify the permissions. If you attempt to turn 00288 // on bits not allowed by the base bits, the function will return 00289 // TRUE, but those bits will not be set. 00290 //BOOL setGroupBits( const LLUUID& agent, BOOL set, PermissionMask bits); 00291 //BOOL setEveryoneBits(const LLUUID& agent, BOOL set, PermissionMask bits); 00292 00293 // 00294 // MISC METHODS and OPERATORS 00295 // 00296 00297 LLSD packMessage() const; 00298 void unpackMessage(LLSD perms); 00299 00300 // For messaging system support 00301 void packMessage(LLMessageSystem* msg) const; 00302 void unpackMessage(LLMessageSystem* msg, const char* block, S32 block_num = 0); 00303 00304 // Load/save support 00305 BOOL importFile(LLFILE* fp); 00306 BOOL exportFile(LLFILE* fp) const; 00307 00308 BOOL importLegacyStream(std::istream& input_stream); 00309 BOOL exportLegacyStream(std::ostream& output_stream) const; 00310 00311 LLXMLNode *exportFileXML() const; 00312 bool importXML(LLXMLNode* node); 00313 00314 bool operator==(const LLPermissions &rhs) const; 00315 bool operator!=(const LLPermissions &rhs) const; 00316 00317 friend std::ostream& operator<<(std::ostream &s, const LLPermissions &perm); 00318 00319 // Reflection. 00320 friend class LLMetaClassT<LLPermissions>; 00321 virtual const LLMetaClass& getMetaClass() const; 00322 }; 00323 00324 // Inlines 00325 BOOL LLPermissions::allowModifyBy(const LLUUID& agent, const LLUUID& group) const 00326 { 00327 return allowOperationBy(PERM_MODIFY, agent, group); 00328 } 00329 00330 BOOL LLPermissions::allowCopyBy(const LLUUID& agent, const LLUUID& group) const 00331 { 00332 return allowOperationBy(PERM_COPY, agent, group); 00333 } 00334 00335 00336 BOOL LLPermissions::allowMoveBy(const LLUUID& agent, const LLUUID& group) const 00337 { 00338 return allowOperationBy(PERM_MOVE, agent, group); 00339 } 00340 00341 BOOL LLPermissions::allowModifyBy(const LLUUID& agent) const 00342 { 00343 return allowOperationBy(PERM_MODIFY, agent, LLUUID::null); 00344 } 00345 00346 BOOL LLPermissions::allowCopyBy(const LLUUID& agent) const 00347 { 00348 return allowOperationBy(PERM_COPY, agent, LLUUID::null); 00349 } 00350 00351 BOOL LLPermissions::allowMoveBy(const LLUUID& agent) const 00352 { 00353 return allowOperationBy(PERM_MOVE, agent, LLUUID::null); 00354 } 00355 00356 BOOL LLPermissions::allowTransferTo(const LLUUID &agent_id) const 00357 { 00358 if (mIsGroupOwned) 00359 { 00360 return allowOperationBy(PERM_TRANSFER, mGroup, mGroup); 00361 } 00362 else 00363 { 00364 return ((mOwner == agent_id) ? TRUE : allowOperationBy(PERM_TRANSFER, mOwner)); 00365 } 00366 } 00367 00368 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 00369 // Class LLAggregatePermissions 00370 // 00371 // Class which encapsulates object and inventory permissions, 00372 // ownership, etc. Currently, it only aggregates PERM_COPY, 00373 // PERM_MODIFY, and PERM_TRANSFER. 00374 // 00375 // Usually you will construct an instance and hand the object several 00376 // permissions masks to aggregate the copy, modify, and 00377 // transferability into a nice trinary value. 00378 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 00379 00380 class LLAggregatePermissions 00381 { 00382 public: 00383 enum EValue 00384 { 00385 AP_EMPTY = 0x00, 00386 AP_NONE = 0x01, 00387 AP_SOME = 0x02, 00388 AP_ALL = 0x03 00389 }; 00390 00391 // construct an empty aggregate permissions 00392 LLAggregatePermissions(); 00393 00394 // pass in a PERM_COPY, PERM_TRANSFER, etc, and get out a EValue 00395 // enumeration describing the current aggregate permissions. 00396 EValue getValue(PermissionBit bit) const; 00397 00398 // returns the permissions packed into the 6 LSB of a U8: 00399 // 00TTMMCC 00400 // where TT = transfer, MM = modify, and CC = copy 00401 // LSB is to the right 00402 U8 getU8() const; 00403 00404 // return TRUE is the aggregate permissions are empty, otherwise FALSE. 00405 BOOL isEmpty() const ; 00406 00407 // pass in a PERM_COPY, PERM_TRANSFER, etc, and an EValue 00408 // enumeration to specifically set that value. Not implemented 00409 // because I'm not sure it's a useful api. 00410 //void setValue(PermissionBit bit, EValue); 00411 00412 // Given a mask, aggregate the useful permissions. 00413 void aggregate(PermissionMask mask); 00414 00415 // Aggregate aggregates 00416 void aggregate(const LLAggregatePermissions& ag); 00417 00418 // message handling 00419 void packMessage(LLMessageSystem* msg, const char* field) const; 00420 void unpackMessage(LLMessageSystem* msg, const char* block, const char *field, S32 block_num = 0); 00421 00422 static const LLAggregatePermissions empty; 00423 00424 friend std::ostream& operator<<(std::ostream &s, const LLAggregatePermissions &perm); 00425 00426 protected: 00427 enum EPermIndex 00428 { 00429 PI_COPY = 0, 00430 PI_MODIFY = 1, 00431 PI_TRANSFER = 2, 00432 PI_END = 3, 00433 PI_COUNT = 3 00434 }; 00435 void aggregateBit(EPermIndex idx, BOOL allowed); 00436 void aggregateIndex(EPermIndex idx, U8 bits); 00437 static EPermIndex perm2PermIndex(PermissionBit bit); 00438 00439 // structure used to store the aggregate so far. 00440 U8 mBits[PI_COUNT]; 00441 }; 00442 00443 // These functions convert between structured data and permissions as 00444 // appropriate for serialization. The permissions are a map of things 00445 // like 'creator_id', 'owner_id', etc, with the value copied from the 00446 // permission object. 00447 LLSD ll_create_sd_from_permissions(const LLPermissions& perm); 00448 LLPermissions ll_permissions_from_sd(const LLSD& sd_perm); 00449 00450 #endif